We have multiple realms we are wanting to authenticate.  However, we 
have some users that should only be able to authenticate in one realm.

Here's the scenario:

User joe should log in as [EMAIL PROTECTED]  If he does, his name is 
rewritten to 'joe' and passed to the Unix passwd check for verification.  
He should be able to log in this way, but he should NOT be allowed to log 

I thought I could simply add this in the 'users' file:

joe             Auth-Type = System, Realm = filter.wingnet.net

However, after the name is rewritten to 'joe' and passed to the AuthUNIX 
it kicks back this error:

AuthUNIX llks for match with joe
AuthUNIX REJECT: Realm does not match
AuthUNIX REJECT: Realm does not match
Access rejected for joe: Realm does not match

This appears to be frustrating my purpose.  Any ideas on how to do what 
I want to do?

btw -- my radius.cfg entry for the filter realm is thus:

<Realm filter.wingnet.net>
        RewriteUsername ....stuff per docs...
                <AuthBy FILE>
                        DefaultSimultaneousUse 1
                        Filename %D/users

Thanks for any help offered...

Craig Thompson
WingNET Internet Services,
P.O. Box 3000 // Cleveland, TN 37320-3000
423-559-LINK (v)  423-559-5444 (f)

Thought for the day:
    Intuition (n): an uncanny sixth sense which tells people 
    that they are right, whether they are or not.

To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to